Trying something that will probably never happen

Signed-off-by: Nikolai Rodionov <allanger@badhouseplants.net>
2025-05-31 23:45:21 +02:00 · 2025-05-31 23:45:21 +02:00 · 33e284f096
commit 33e284f096
parent af21bd3b31
10 changed files with 98 additions and 107 deletions
--- a/helmule/helmule.yaml
+++ b/helmule/helmule.yaml
@ -53,101 +53,118 @@ repositories:
  - name: kubernetes-dashboard
    helm:
      url: https://kubernetes.github.io/dashboard/
  - name: vmware-tanzu
    helm:
      url: https://vmware-tanzu.github.io/helm-charts/
 mirrors:
-  - name: custom-commands
+  - name: gitea
    custom_command:
      package:
        - helm package -d package .
      upload:
        - helm push ./package/{{ name }}-{{ version }}.tgz oci://registry.badhouseplants.net/softplayer/helm
        - rm -rf ./package
  - name: ghcr
    custom_command:
      package:
        - helm package -d package .
      upload:
        - helm push ./package/{{ name }}-{{ version }}.tgz oci://ghcr.io/allanger/softplayer/helm
        - rm -rf ./package
 charts:
  - name: coredns
    repository: coredns
    mirrors:
-      - custom_command
+      - gitea
      - ghcr
  - name: cilium
    repository: cilium
    mirrors:
-      - custom_command
+      - gitea
  - name: metrics-server
    repository: metrics-server
    mirrors:
-      - custom_command
+      - gitea
  - name: traefik
    repository: traefik
    mirrors:
-      - custom_command
+      - gitea
  - name: cert-manager
    repository: jetstack
    mirrors:
-      - custom_command
+      - gitea
  - name: velero
    repository: vmware-tanzu
    mirrors:
      - gitea
  - name: metallb
    repository: metallb
    mirrors:
-      - custom_command
+      - gitea
  - name: longhorn
    repository: longhorn
    mirrors:
-      - custom_command
+      - gitea
  - name: flannel
    repository: flannel
    mirrors:
-      - custom_command
+      - gitea
  - name: local-path-provisioner
    repository: rancher-local-path
    mirrors:
-      - custom_command
+      - gitea
  - name: base
    repository: istio
    mirrors:
-      - custom_command
+      - gitea
  - name: gateway
    repository: istio
    mirrors:
-      - custom_command
+      - gitea
  - name: istiod
    repository: istio
    mirrors:
-      - custom_command
+      - gitea
  - name: tekton-pipeline
    repository: cdf
    mirrors:
-      - custom_command
+      - gitea
  - name: flux2
    repository: fluxcd-community
    mirrors:
-      - custom_command
+      - gitea
  - name: helmrelease
    repository: softplayer
    mirrors:
-      - custom_command
+      - gitea
  - name: shadowsocks-libev
    repository: allanger-charts
    mirrors:
-      - custom_command
+      - gitea
  - name: keel
    repository: keel
    mirrors:
-      - custom_command
+      - gitea
  - name: kubernetes-dashboard
    repository: kubernetes-dashboard
@ -161,5 +178,29 @@ charts:
          commands:
            - mv ./config/config.yaml .
            - rm -rf config
      - name: enable ingress
        yq:
          file: values.yaml
          op: Replace
          key: .app.ingress.enabled
          value: "true"
      - name: change ingress class name
        yq:
          file: values.yaml
          op: Replace
          key: .app.ingress.ingressClassName
          value: traefik
      - name: change cert manager issuer name
        yq:
          file: values.yaml
          op: Replace
          key: .app.ingress.issuer.name
          value: network-base
      - name: change cert manager issuer kind
        yq:
          file: values.yaml
          op: Replace
          key: .app.ingress.issuer.scope
          value: cluster
    mirrors:
-      - custom_command
+      - gitea
--- a/service/helmfile.yaml
+++ b/service/helmfile.yaml
@ -13,6 +13,8 @@ releases:
  - name: coredns
    chart: zot/coredns
    labels:
      element: system
    version: 1.29.0
    namespace: kube-system
    values:
@ -20,6 +22,8 @@ releases:
  - name: cilium
    chart: zot/cilium
    labels:
      element: system
    installed: true
    version: 1.15.4
    namespace: kube-system
@ -30,6 +34,8 @@ releases:
  - name: metrics-server
    chart: zot/metrics-server
    labels:
      element: system
    version: 3.12.1
    namespace: kube-system
    needs:
@ -92,6 +98,8 @@ releases:
  - name: local-path-provisioner
    chart: zot/local-path-provisioner
    labels:
      element: system
    namespace: kube-system
    version: 0.0.25-dev
    values:
--- a/service/manifests/pipeline-run-cleanup.yaml
+++ b/service/manifests/pipeline-run-cleanup.yaml
@ -1,23 +0,0 @@
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
  generateName: hetzner-cleanup
  namespace: default
 spec:
  params:
    - name: namespace
      value: default
    - name: environment
      value: default
    - name: customer
      value: allanger
  pipelineRef:
    resolver: cluster
    params:
      - name: kind
        value: pipeline
      - name: name
        value: hetzner-cleanup
      - name: namespace
        value: tekton-pipelines
  serviceAccountName: secret-manager
--- a/service/manifests/pipeline-run.yaml
+++ b/service/manifests/pipeline-run.yaml
@ -1,30 +0,0 @@
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
  generateName: hetzner-k3s
  namespace: tekton-runtime
 spec:
  params:
    - name: namespace
      value: default
    - name: environment
      value: default
    - name: customer
      value: allanger
  pipelineRef:
    resolver: cluster
    params:
      - name: kind
        value: pipeline
      - name: name
        value: hetzner-k3s
      - name: namespace
        value: tekton-pipelines
  workspaces:
    - name: ssh-keys
      emptyDir: {}
    - name: inventory
      emptyDir: {}
    - name: kubeconfig-output
      emptyDir: {}
  serviceAccountName: secret-manager
--- a/service/values/values.istiod.yaml
+++ b/service/values/values.istiod.yaml
@ -3,7 +3,7 @@ pilot:
  resources:
    requests:
      cpu: 50m
-      memory: 2048Mi
+      memory: 248Mi
 global:
  proxy:
    resources:
--- a/workload/helmfile.yaml
+++ b/workload/helmfile.yaml
@ -39,7 +39,7 @@ releases:
  - name: flux2
    chart: zot/flux2
-    namespace: flux-system
+    namespace: kube-system
    version: 2.12.4
    createNamespace: false
    needs:
@ -52,7 +52,7 @@ releases:
  - name: cert-manager
    chart: zot/cert-manager
    version: v1.14.4
-    namespace: cert-manager
+    namespace: kube-system
    needs:
      - kube-system/namespaces
      - kube-system/coredns
@ -62,7 +62,7 @@ releases:
  - name: metallb
    chart: zot/metallb
    version: 0.14.5
-    namespace: metallb-system
+    namespace: kube-system
    createNamespace: false
    needs:
      - kube-system/namespaces
@ -76,20 +76,20 @@ releases:
      - kube-system/namespaces
      - kube-system/coredns
      - kube-system/cilium
-    namespace: traefik-system
+    namespace: kube-system
    values:
      - ./values/traefik.yaml
  - name: ippool
-    namespace: metallb-system
+    namespace: kube-system
    createNamespace: false
    chart: ../charts/ippool
    values:
      {{ $ip4 := trim (exec "bash" (list "-c" "cat /tmp/outputs/provider_outputs.yaml | yq '.user_entrypoint'")) }}
      - ipPool: "{{- printf "%s-%s" $ip4 $ip4 -}}"
    needs:
-      - metallb-system/metallb
+      - kube-system/metallb
-      - cert-manager/cert-manager
+      - kube-system/cert-manager
  - name: local-path-provisioner
    chart: zot/local-path-provisioner
@ -98,23 +98,14 @@ releases:
      - kube-system/namespaces
      - kube-system/coredns
      - kube-system/cilium
-    namespace: traefik-system
+    namespace: kube-system
    values:
      - ./values/local-path.yaml
  - name: network-base
    chart: ../charts/network-base-workload/
    namespace: kube-system
    needs: 
      - kube-system/namespaces
-      - cert-manager/cert-manager
+      - kube-system/cert-manager
  - name: kubernetes-dashboard 
    chart: zot/kubernetes-dashboard 
    installed: false
    version: 7.3.2
    namespace: applications
    values:
      - ./values/kubernetes-dashboard.yaml
    needs: 
      - kube-system/namespaces
      - kube-system/coredns
      - kube-system/cilium
--- a/workload/values/flux.yaml
+++ b/workload/values/flux.yaml
@ -6,3 +6,5 @@ imageAutomationController:
  create: false
 imageReflectionController:
  create: false
 notificationController:
  create: false
--- a/workload/values/kubernetes-dashboard.yaml
+++ b/workload/values/kubernetes-dashboard.yaml
@ -1,16 +1,9 @@
 app:
  ingress:
    enabled: true
    hosts:
      - dashboard.fe85db5c-fa78-4951-9641-7382be9c5884.badhouseplants.net
    ingressClassName: traefik
    pathType: ImplementationSpecific
    path: /
    issuer:
      name: network-base
      scope: cluster
    tls:
      secretName: ""
    labels: {}
    annotations:
      traefik.ingress.kubernetes.io/router.tls: "true"
--- a/workload/values/namespaces.yaml
+++ b/workload/values/namespaces.yaml
@ -1,7 +1,2 @@
 namespaces:
  - name: metallb-system
  - name: flux-system
  - name: traefik-system
  - name: cilium-system
  - name: helm-installations
  - name: applications
--- a/workload/values/traefik.yaml
+++ b/workload/values/traefik.yaml
@ -1,2 +1,16 @@
 globalArguments:
  - "--serversTransport.insecureSkipVerify=true"
 ports:
  tf2:
    port: 27015
    expose:
      default: true
    exposedPort: 27015
    protocol: UDP
  rcon:
    port: 27015
    expose:
      default: true
    exposedPort: 27015
    protocol: TCP